You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2015/03/17 11:26:38 UTC
[36/50] git commit: updated refs/heads/master to 3c429ee
No hardcoded passwords.
- If for some reason the cmdLine json doesn't contain the password key, which is almost impossible to happen,
we generate a password based on other unique data per VPC
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e7969b64
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e7969b64
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e7969b64
Branch: refs/heads/master
Commit: e7969b640b6e7e1d4be5df37e86f65dbb49bae64
Parents: 4b66043
Author: wilderrodrigues <wr...@schubergphilis.com>
Authored: Tue Feb 10 19:30:45 2015 +0100
Committer: wilderrodrigues <wr...@schubergphilis.com>
Committed: Mon Mar 16 11:40:06 2015 +0100
----------------------------------------------------------------------
.../debian/config/opt/cloud/bin/cs/CsDatabag.py | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e7969b64/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
index d58a642..b2e559d 100644
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
@@ -15,6 +15,7 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
+import hashlib
from merge import DataBag
@@ -131,4 +132,14 @@ class CsCmdLine(CsDataBag):
def get_router_password(self):
if "router_password" in self.idata():
return self.idata()['router_password']
- return "k3ep@liv3D"
+
+ '''
+ Generate a password based on the router id just to avoid hard-coded passwd.
+ Remark: if for some reason 1 router gets configured, the other one will have a different password.
+ This is slightly difficult to happen, but if it does, destroy the router with the password generated with the
+ code below and restart the VPC with out the clean up option.
+ '''
+ passwd = "%s-%s" % (self.get_vpccidr, self.get_router_id())
+ md5 = hashlib.md5()
+ md5.update(passwd)
+ return md5.hexdigest()